Re: attack 2
From: jludwig (wralphie_at_comcast.net)
Date: 05/12/05
- Previous message: Sam Varshavchik: "Re: 64-bit Firefox and no Flash :("
- In reply to: John Summerfied: "Re: attack 2"
- Next in thread: Richard Crawford: "Re: attack 2"
- Reply: Richard Crawford: "Re: attack 2"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
To: For users of Fedora Core releases <fedora-list@redhat.com> Date: Thu, 12 May 2005 16:53:40 -0400
On Wednesday 11 May 2005 08:29 pm, John Summerfied wrote:
> grim wrote:
snip
> At work I've tried using a password generator for users' passwords. It's
> a nice idea. but the staff are completely unable to cope with them. In
> practice, either I need to know them too or I forever need to reset them.
>
> One thing I learned after one user's account was cracked (I didn't
> assign that password) is to have incoming ssh on a box that doesn't host
> mail and other user services. If someone uses (assuming it's possible)
> ftp, email or http to enumerate users, the users they find mostly don't
> have user accounts on the machine running sshd.
>
> Users not having login rights have /bin/true, /bin/false, /bin/nologin
> or similar for their login shell.
>
>
> I personally don't see the merit on changing the ssh port; if it's
> configured sensibly that gains inconvenience, nothing else.
> Cheers
> John
Patterns on the keyboard are a good way to go as far as password generation.
Something such as qazwsx123 (try typing it out on a "qwerty" keyboard).
-- John H Ludwig Common sense is so rare, why do they call it common!!! I'm not schitziod! I got better tomorrow. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
- Previous message: Sam Varshavchik: "Re: 64-bit Firefox and no Flash :("
- In reply to: John Summerfied: "Re: attack 2"
- Next in thread: Richard Crawford: "Re: attack 2"
- Reply: Richard Crawford: "Re: attack 2"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
